Why do some sites block pasting into username or password input fields?

In my opinion, I don't think it's a net win. Those restrictions always frustrate me.

(I'm hoping someone here will post details about how to defuse or work around them. Maybe a tweak to Firefox's user_prefs.js? An extension?)

Presumably the reason why sites disable the password manager is because they're worried that Alice might sit down in front of Bob's browser and log into the web site as Bob, maybe purchasing something on Bob's tab. This is particularly an issue for roommates, family members, etc. who live together with each other. (See also "friendly fraud".) A related risk is that Bob might actually purchase something, but then claim that Alice did it to get out of paying for it. Presumably, the sites hope that by disabling the password manager, Bob will be forced to type in his password anew every time; Alice won't know the password and won't be able to type it in.

However, these restrictions come at a significant cost. They make the website less usable and more annoying for users. They also drive users to either select poor passwords (which may be more susceptible to password-guessing attacks) or to write down their passwords (potentially enabling roommates and family members to learn the password, leaving everyone back where we started). For users who do trust everyone else who has physical access to their computer, these restrictions strictly decrease security.

Personally, I suspect most sites should be reluctant to employ such measures. Odds are that you will annoy your users more than you will help them. But you will be in a better position to make an informed decision.

If you do decide to employ such restrictions, you might consider providing users a way to opt out if they do not share their computer with others. Perhaps this may only be of interest to power users, so I don't know if it's worth your time, but you could consider it.
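One way the opt-out suggested above could be built, as an added example that is not part of this answer or of any site mentioned: the page blocks paste and browser autofill on the password field by default, but a user who does not share the computer can tick a box that marks the device as trusted for a limited time. The storage key name, the 30-day default, and the element ids `pw` and `own-device` are assumptions made for this example; the in-memory store is a constructed stand-in for `localStorage` so the decision logic can run outside a browser.

```javascript
// Added example (not from the original answer): a password field whose
// paste/autofill blocking can be switched off by the user on a device they
// do not share. The trust flag is kept in a storage object with an expiry so
// it lapses on its own. The key name and the 30-day default are assumptions.

const TRUST_KEY = 'pw-field-trusted-until'; // assumed key name
const DEFAULT_TRUST_DAYS = 30;              // assumed default lifetime

// Pure helper: is this device marked as trusted at time `now` (ms since epoch)?
function deviceTrusted(store, now = Date.now()) {
  const raw = store.getItem(TRUST_KEY);
  if (raw === null) return false;
  const until = Number(raw);
  if (!Number.isFinite(until)) return false; // corrupted or tampered value: fail closed
  return until > now;
}

// Mark the device trusted for `days` days; clear the mark when days <= 0.
// Returns true when a trust record is now present, false when it was cleared.
function setDeviceTrust(store, days = DEFAULT_TRUST_DAYS, now = Date.now()) {
  if (days <= 0) {
    store.removeItem(TRUST_KEY);
    return false;
  }
  store.setItem(TRUST_KEY, String(now + days * 86400 * 1000));
  return true;
}

// Decide whether a paste into the password field should be blocked:
// only on devices the user has not marked as their own.
function shouldBlockPaste(store, now = Date.now()) {
  return !deviceTrusted(store, now);
}

// Constructed in-memory stand-in for window.localStorage so the helpers
// above can be exercised without a browser.
function memoryStore() {
  const m = new Map();
  return {
    getItem: (k) => (m.has(k) ? m.get(k) : null),
    setItem: (k, v) => { m.set(k, String(v)); },
    removeItem: (k) => { m.delete(k); },
  };
}

// Browser wiring: expects <input type="password" id="pw"> and
// <input type="checkbox" id="own-device"> (ids are assumptions for this example).
function wirePasswordField(doc, store) {
  const pw = doc.getElementById('pw');
  const box = doc.getElementById('own-device');
  box.checked = deviceTrusted(store);
  // On a trusted device, let the browser's own password manager fill the field.
  pw.autocomplete = deviceTrusted(store) ? 'current-password' : 'off';
  pw.addEventListener('paste', (ev) => {
    if (shouldBlockPaste(store)) ev.preventDefault();
  });
  box.addEventListener('change', () => {
    setDeviceTrust(store, box.checked ? DEFAULT_TRUST_DAYS : 0);
    pw.autocomplete = box.checked ? 'current-password' : 'off';
  });
}

// Only attach to the DOM when one exists (skipped under Node).
if (typeof document !== 'undefined' && typeof localStorage !== 'undefined') {
  wirePasswordField(document, localStorage);
}
```

Two design points worth noting: the trust flag expires on its own, so a device that later becomes shared falls back to the strict behaviour without anyone having to remember to untick the box, and an unparseable stored value is treated as untrusted rather than trusted. Also note that current browsers largely ignore `autocomplete="off"` on login fields and offer to save or fill the password anyway, so the attribute is a hint to the password manager, not a guarantee, which is another reason the strict mode buys less than it appears to.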


The two core reasons always indicated to me are:

  1. Allowing copy and paste means people will have their passwords saved in a text file somewhere, which is unsafe (yes, I know with applications like PassSafe this is a bit outdated, as the place to save passwords is 'safe')
  2. People will forget their passwords if they don't have to remember them.

Number 2 is the most important one, I think - it's hard enough persuading people to remember their passwords when they get back off holiday - the helpdesk load is high after any major holiday, and companies try to reduce this.


I personally don't think there are any real benefits. I'm agreeing with the idea that you'll probably just annoy your users into picking something that isn't helpful.

That said, I believe the rationales used are either to

  • avoid the password being saved somewhere where it might be stolen,
  • or because they believe passwords must be typed by the user for irrational reasons.

While it might be rational that it could defend against Little Johnny emptying his mother's bank account, I don't see much else in practicality. I figure if you can snag the password file, you can probably snoop on the keyboard input.